South Korean Regulators Punish Credit Card Companies

After more than 20 million people had their credit card information stolen and sold to deceptive marketing firms, South Koreans have plenty of reasons to be upset with their credit card providers.

The South Korean government is equally appalled, and this week it decided to fine the country’s three largest credit card firms 6 million won (£3,371) each. The fines may be relatively insignificant financially, but they come with a costly penalty for the credit card firms – all are banned from issuing new cards for three months.

More than 40% of South Korea’s credit card users had their data stolen during an attack on the Korean Credit Bureau’s computer system. A contractor working with the credit ratings agency reportedly stole the information by saving account details to a USB stick during a two-month job with the company last year.

The data was subsequently sold to credit card fraudsters and marketing firms, who many believe are using the credit card numbers and account names to sign people up for unwanted services. The theft and subsequent fraud was caused by the three firms “neglecting their legal duties of preventing leakage of customer information.”

Credit cards are big business in South Korea, which has one of the highest rates of usage in Asia. Many adults in South Korea own several cards and switch between credit card providers based on special offers and rewards. In the last three years, however, credit card records have been frequently targeted in cyber attacks.

The recent security breach at the Korea Credit Bureau comes just one year after two ackers stole more than 8.7 million credit card records from KT Mobile. Just one year earlier, more than 35 million accounts were stolen from South Korean online social network Cyworld.